Breadth of Web Service Security
Web Services can be organized into two main categories—intranet and Internet. In the intranet case, you control the Web Service servers and the clients, and (in most cases) you have a limited network topology. You have a certain number of domains and users, for example. There may be a great many users, but the number is known and limited. Internet, of course, implies an infinite number of untrusted clients, and you must assume that those clients are or may become malicious until proven trustworthy—even then, they should be watched (with audit/use trails and so on).
Because the intranet case involves a limited set of users and servers, the security options available to you differ from those you'll consider when ...
Get Applied SOAP: Implementing .NET XML Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.